audit-check icon indicating copy to clipboard operation
audit-check copied to clipboard

Published 20 hours ago verified publisher icon actions-rs

Include `cargo tree -i <crate>` output in issue

Open Nemo157 opened this issue 5 years ago • 1 comments

Motivation

First step of triaging an audit issue is to see why the affected crate is being included in the build, to see if it's a direct dependency that can be controlled, or a deep dependency that may need more effort. Including the output from cargo tree -i <crate> in the opened issue would allow trivially seeing this from the issue directly (example).

Nemo157 avatar Jul 01 '20 08:07 Nemo157

Hi, @Nemo157! I agree that adding it would be very helpful; I'm aiming to get this information from cargo-audit directly, see https://github.com/RustSec/cargo-audit/issues/227#issuecomment-630091843

svartalf avatar Jul 01 '20 08:07 svartalf